Author

Topic: General concern about hardware wallets (Read 124 times)

hero member
Activity: 1022
Merit: 642
Magic
April 19, 2023, 02:22:53 PM
#8
If you can do it properly, then I would argue that a properly airgapped cold wallet is better than a hardware wallet. The problem is it is much harder to do it properly and much easier to make a mistake than simply using a hardware wallet.


The main question actually always has to be, if the wallet should be regularly used. If the answer is no and it should really be a cold wallet then there is no need for a hardware wallet. There is not even a need for any kind of wallet except for a paperwallet. This makes using the funds in the everyday live however unpractical.
So if you want to use your funds more regular the use AirGapped electrum. For the maximum usage in every day live a hardware wallet is convenient and pretty safe.
legendary
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
April 19, 2023, 07:15:26 AM
#7
,
I want to do cold storage but I prefer using cold storage through electrum rather than Hardware Wallet for two reasons:

- HWW ist not open source and not full privacy: the company (trezor, ledger etc.) can tell the government how many cryptos I own
As far as I know, Trezor is still fully open-source, but this may well change in the near future if we consider questionable decisions and implementations they have made over the past couple of years. As for collecting data about their users, you can maintain a good level of privacy as long as you don't use Trezor-issued software for managing your hardware wallet, which otherwise may reveal some information about your transactions to the nodes they control. Moreover, if you decide to make use of their implementation of CoinJoin transactions, all your UTXOs will be shared with and analyzed by unknown chain surveillance companies with whom the default CoinJoin coordinator collaborates. In other words, if you are into privacy, you either avoid Trezor Wallet completely or use it with third-party software solutions that don't spy on their users. Ledger is another story because they favor the principle of security through obscurity, which means they are, at best, only partially open source, but all important logic is hidden behind proprietary software, patents, licenses, etc. What we know about Ledger is that they certainly collect data about their customers, and part of this data has long become public due to well-known data breaches affecting thousands of people.
legendary
Activity: 2268
Merit: 18711
April 19, 2023, 06:45:23 AM
#6
If you can do it properly, then I would argue that a properly airgapped cold wallet is better than a hardware wallet. The problem is it is much harder to do it properly and much easier to make a mistake than simply using a hardware wallet.

You will need a permanently airgapped computer. Ideally it should have all connectivity hardware such as WiFi, Bluetooth, etc., not just disabled but physically removed. You will need to format it and ideally write junk data to the entire hard drive to ensure there is nothing lurking on it you are unaware of. On a different computer, download and verify a good Linux distro and either Core or Electrum, and put these on a clean and recently formatted USB stick. Install Linux on your airgapped device, enable full disk encryption with a strong passphrase, and then install Core or Electrum and generate your wallet. Export an xpub via QR code to create a watch only wallet on your online computer, and use QR codes to move transactions back and forth. Use the airgapped computer for nothing else. Make sure you back up your wallet and your decryption passphrase, and do not rely on your memory for any of these backs ups.

So as you can see, it's a complex process if you don't really know what you are doing with many potential risks. If you are at all unsure, then a good hardware wallet such as a Passport paired with Electrum is probably a safer option.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
April 19, 2023, 06:18:35 AM
#5
~snip~
- all wallets allow you to setup a password for extra security. I don't see how is this a bad thing, especially when the pin is just 6 digits. Also, You don't have to remember the seed, and you probably shouldn't try to it either. It's better to write it down and store it somewhere safe.

Ledger has an option of 8 numbers in the PIN, although I think a 4-digit PIN can also be used. In the past, I read that the PIN is not something that is too difficult to hack when it comes to HW, although it may have been related to some vulnerability that was subsequently fixed.
legendary
Activity: 2212
Merit: 7064
April 18, 2023, 04:30:13 PM
#4
- HWW ist not open source and not full privacy: the company (trezor, ledger etc.) can tell the government how many cryptos I own
This is not true at all.
All hardware wallets are not closed source, ledger is, Trezor is open source.
No hardware wallet can know how much coins you have, especially if you use them with Electrum, or with Tor.

- I have to remember the PIN of the HWW + the seed (instead of only the seed for a cold wallet of electrum).
Electrum also have password, and hardware wallets have optional passphrase.
You don't have to remember seed words, doing that would be stupid and risky, you write them on paper or metal.

Am I correct ? Any objection ? What would be the advantages of an HWW versus Cold Storage through electrum ?
No.
Hinestly, you just wrote a bunch of mambo jumbo.
staff
Activity: 3500
Merit: 6152
April 18, 2023, 02:51:28 AM
#3
- They might be able to see certain information (IP, balance etc.) but they can't link it to your identity. Besides, you can always setup your own server and connect to it.

- all wallets allow you to setup a password for extra security. I don't see how is this a bad thing, especially when the pin is just 6 digits. Also, You don't have to remember the seed, and you probably shouldn't try to it either. It's better to write it down and store it somewhere safe.
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
April 18, 2023, 02:42:07 AM
#2
Cold storage using electrum is secure if done correctly...

That being said: some hardware wallet vendors are open source... And you don't need to use the software from the wallet vendor, a lot of hardware wallets can be used together with electrum... So the hardware wallet vendor shouldn't automatically have to know how much funds you own (+ you can always use tor if you'd like to use the hardware wallet's software... + sometimes the hardware wallet's vendor's software allows you to not use their nodes)

By the way, the pincode does protect you in case of a "normal" reasonable tech-savvy thief steals your wallet... Personally, i'd recommend an extended seed + a pincode... But yeah, if you do it correctly, an airgapped electrum setup can be just as safe (or even safer) than a hardware wallet.
jr. member
Activity: 48
Merit: 27
April 18, 2023, 02:36:23 AM
#1
Hello,

I want to do cold storage but I prefer using cold storage through electrum rather than Hardware Wallet for two reasons:

- HWW ist not open source and not full privacy: the company (trezor, ledger etc.) can tell the government how many cryptos I own
- I have to remember the PIN of the HWW + the seed (instead of only the seed for a cold wallet of electrum).

Am I correct ? Any objection ? What would be the advantages of an HWW versus Cold Storage through electrum ?
Jump to: